Federal Buildings at Increased Risk of Attack Due to Mishandled Badges

Facilities managed by the General Services Administration are at an increased risk of vulnerability to shooters, terrorist attacks, and other unauthorized access due to the mishandling of identity badges, according to a pair of reports published by the agency’s inspector general.

The IG examined how the agency determines security features of its building badges, in addition to how it handles or retires badges no longer in use.

The top risks included:

Contractors given building badges after failing federal background checks

Inactive contractors with active badges

Unsecured badge IT systems

Staff inadequately trained on the issuance of building badges

“These security control weaknesses increase the risk of unauthorized access to the 8,603 facilities managed by GSA,” the report reads. “Unauthorized access to a federal facility increases the risk of a security event, such as an active shooter, terrorist attack, or theft of government property, as well as exposure of government sensitive and contractor proprietary information.”

Recognizing the need to enhance security, a 2004 Presidential Directive established a “mandatory, government-wide standard for secure and reliable forms of identification issued by the federal government to its employees and contractor employees.”

The GSA badges, however, are not in compliance with this directive and are more susceptible to identity fraud, tampering, counterfeiting, and exploitation” due to their “unique designs, data elements, and security features,” reads the report.

When employees and contractors no longer need a badge, GSA often times neglects to collect and destroy the badges, creating another security threat all its own.